Skip to content
This repository has been archived by the owner on Jan 15, 2025. It is now read-only.

Commit

Permalink
(PA-5852) Apply CVE-2023-38545 patch for curl vulnerablity
Browse files Browse the repository at this point in the history
  • Loading branch information
amitkarsale committed Oct 12, 2023
1 parent 247061a commit bea280e
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 0 deletions.
1 change: 1 addition & 0 deletions configs/components/curl.rb
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@
pkg.apply_patch 'resources/patches/curl/CVE-2023-27535.patch'
pkg.apply_patch 'resources/patches/curl/CVE-2023-28319.patch'
pkg.apply_patch 'resources/patches/curl/CVE-2023-32001.patch'
pkg.apply_patch 'resources/patches/curl/CVE-2023-38545.patch'

configure_options = []
configure_options << "--with-ssl=#{settings[:prefix]}"
Expand Down
27 changes: 27 additions & 0 deletions resources/patches/curl/CVE-2023-38545.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
diff --git a/lib/socks.c b/lib/socks.c
index 95c2b004c..8cf694d1d 100644
--- a/lib/socks.c
+++ b/lib/socks.c
@@ -588,9 +588,9 @@ static CURLproxycode do_SOCKS5(struct Curl_cfilter *cf,

/* RFC1928 chapter 5 specifies max 255 chars for domain name in packet */
if(!socks5_resolve_local && hostname_len > 255) {
- infof(data, "SOCKS5: server resolving disabled for hostnames of "
- "length > 255 [actual len=%zu]", hostname_len);
- socks5_resolve_local = TRUE;
+ failf(data, "SOCKS5: the destination hostname is too long to be "
+ "resolved remotely by the proxy.");
+ return CURLPX_LONG_HOSTNAME;
}

if(auth & ~(CURLAUTH_BASIC | CURLAUTH_GSSAPI))
@@ -904,7 +904,7 @@ static CURLproxycode do_SOCKS5(struct Curl_cfilter *cf,
}
else {
socksreq[len++] = 3;
- socksreq[len++] = (char) hostname_len; /* one byte address length */
+ socksreq[len++] = (unsigned char) hostname_len; /* one byte length */
memcpy(&socksreq[len], sx->hostname, hostname_len); /* w/o NULL */
len += hostname_len;
}

0 comments on commit bea280e

Please sign in to comment.